Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/eap7-jul-to-slf4j-stub@1.0.1-6.Final_redhat_3.1.ep7?arch=el7
Typerpm
Namespaceredhat
Nameeap7-jul-to-slf4j-stub
Version1.0.1-6.Final_redhat_3.1.ep7
Qualifiers
arch el7
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-2e2u-nvuu-kfbs
vulnerability_id VCID-2e2u-nvuu-kfbs
summary 
Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling)
Invalid characters are allowed in query strings and path parameters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own.
references
0
reference_url https://access.redhat.com/errata/RHSA-2017:3454
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3454
1
reference_url https://access.redhat.com/errata/RHSA-2017:3455
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3455
2
reference_url https://access.redhat.com/errata/RHSA-2017:3456
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3456
3
reference_url https://access.redhat.com/errata/RHSA-2017:3458
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3458
4
reference_url https://access.redhat.com/errata/RHSA-2018:0002
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:0002
5
reference_url https://access.redhat.com/errata/RHSA-2018:0003
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:0003
6
reference_url https://access.redhat.com/errata/RHSA-2018:0004
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:0004
7
reference_url https://access.redhat.com/errata/RHSA-2018:0005
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:0005
8
reference_url https://access.redhat.com/errata/RHSA-2018:1322
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:1322
9
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7559.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7559.json
10
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7559
reference_id
reference_type
scores
0
value 0.01128
scoring_system epss
scoring_elements 0.78331
published_at 2026-04-16T12:55:00Z
1
value 0.01128
scoring_system epss
scoring_elements 0.78302
published_at 2026-04-13T12:55:00Z
2
value 0.01128
scoring_system epss
scoring_elements 0.78285
published_at 2026-04-04T12:55:00Z
3
value 0.01128
scoring_system epss
scoring_elements 0.78299
published_at 2026-04-09T12:55:00Z
4
value 0.01128
scoring_system epss
scoring_elements 0.78293
published_at 2026-04-08T12:55:00Z
5
value 0.01128
scoring_system epss
scoring_elements 0.78254
published_at 2026-04-02T12:55:00Z
6
value 0.01128
scoring_system epss
scoring_elements 0.78267
published_at 2026-04-07T12:55:00Z
7
value 0.01128
scoring_system epss
scoring_elements 0.78307
published_at 2026-04-12T12:55:00Z
8
value 0.01128
scoring_system epss
scoring_elements 0.78324
published_at 2026-04-11T12:55:00Z
9
value 0.01128
scoring_system epss
scoring_elements 0.78246
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7559
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7559
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7559
12
reference_url https://github.com/undertow-io/undertow
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/undertow-io/undertow
13
reference_url https://issues.jboss.org/browse/UNDERTOW-1251
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.jboss.org/browse/UNDERTOW-1251
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1481665
reference_id 1481665
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1481665
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885576
reference_id 885576
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885576
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:undertow:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:undertow:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:undertow:*:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:undertow:2.0.0:alpha1:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:undertow:2.0.0:alpha1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:undertow:2.0.0:alpha1:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7559
reference_id CVE-2017-7559
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
1
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-7559
19
reference_url https://github.com/advisories/GHSA-rj76-h87p-r3wf
reference_id GHSA-rj76-h87p-r3wf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rj76-h87p-r3wf
fixed_packages
aliases CVE-2017-7559, GHSA-rj76-h87p-r3wf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2e2u-nvuu-kfbs
1
url VCID-42tt-ernk-y3bn
vulnerability_id VCID-42tt-ernk-y3bn
summary EAP7 Privilege escalation when managing domain including earlier version slaves
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5406.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5406.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5406
reference_id
reference_type
scores
0
value 0.01504
scoring_system epss
scoring_elements 0.81099
published_at 2026-04-01T12:55:00Z
1
value 0.01504
scoring_system epss
scoring_elements 0.81107
published_at 2026-04-02T12:55:00Z
2
value 0.01504
scoring_system epss
scoring_elements 0.81132
published_at 2026-04-04T12:55:00Z
3
value 0.01504
scoring_system epss
scoring_elements 0.81131
published_at 2026-04-07T12:55:00Z
4
value 0.01504
scoring_system epss
scoring_elements 0.81158
published_at 2026-04-08T12:55:00Z
5
value 0.01504
scoring_system epss
scoring_elements 0.81164
published_at 2026-04-09T12:55:00Z
6
value 0.01504
scoring_system epss
scoring_elements 0.81183
published_at 2026-04-11T12:55:00Z
7
value 0.01504
scoring_system epss
scoring_elements 0.81169
published_at 2026-04-12T12:55:00Z
8
value 0.01504
scoring_system epss
scoring_elements 0.81163
published_at 2026-04-13T12:55:00Z
9
value 0.01504
scoring_system epss
scoring_elements 0.812
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5406
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1359014
reference_id 1359014
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1359014
3
reference_url https://access.redhat.com/errata/RHSA-2016:1838
reference_id RHSA-2016:1838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1838
4
reference_url https://access.redhat.com/errata/RHSA-2016:1839
reference_id RHSA-2016:1839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1839
5
reference_url https://access.redhat.com/errata/RHSA-2016:1840
reference_id RHSA-2016:1840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1840
6
reference_url https://access.redhat.com/errata/RHSA-2016:1841
reference_id RHSA-2016:1841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1841
fixed_packages
aliases CVE-2016-5406
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-42tt-ernk-y3bn
2
url VCID-77xn-dtdn-hfa2
vulnerability_id VCID-77xn-dtdn-hfa2
summary 
Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling)
It was discovered in Undertow that the code that parses the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2017-1409.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-1409.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2666.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2666.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-2666
reference_id
reference_type
scores
0
value 0.01394
scoring_system epss
scoring_elements 0.80411
published_at 2026-04-16T12:55:00Z
1
value 0.01394
scoring_system epss
scoring_elements 0.80375
published_at 2026-04-08T12:55:00Z
2
value 0.01394
scoring_system epss
scoring_elements 0.80385
published_at 2026-04-09T12:55:00Z
3
value 0.01394
scoring_system epss
scoring_elements 0.80404
published_at 2026-04-11T12:55:00Z
4
value 0.01394
scoring_system epss
scoring_elements 0.80389
published_at 2026-04-12T12:55:00Z
5
value 0.01394
scoring_system epss
scoring_elements 0.80382
published_at 2026-04-13T12:55:00Z
6
value 0.01394
scoring_system epss
scoring_elements 0.8033
published_at 2026-04-01T12:55:00Z
7
value 0.01394
scoring_system epss
scoring_elements 0.80337
published_at 2026-04-02T12:55:00Z
8
value 0.01394
scoring_system epss
scoring_elements 0.80357
published_at 2026-04-04T12:55:00Z
9
value 0.01394
scoring_system epss
scoring_elements 0.80346
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-2666
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2666
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2666
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2666
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2666
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2670
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2670
6
reference_url https://github.com/advisories/GHSA-mcfm-h73v-635m
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-mcfm-h73v-635m
7
reference_url http://www.securityfocus.com/bid/98966
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/98966
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1436163
reference_id 1436163
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1436163
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864405
reference_id 864405
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864405
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-2666
reference_id CVE-2017-2666
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-2666
11
reference_url https://access.redhat.com/errata/RHSA-2017:1409
reference_id RHSA-2017:1409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1409
fixed_packages
aliases CVE-2017-2666, GHSA-mcfm-h73v-635m
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-77xn-dtdn-hfa2
3
url VCID-9u3r-n3zy-53f1
vulnerability_id VCID-9u3r-n3zy-53f1
summary EAP-7: Wrong privileges on multiple property files
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12167.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12167.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12167
reference_id
reference_type
scores
0
value 0.00051
scoring_system epss
scoring_elements 0.16037
published_at 2026-04-01T12:55:00Z
1
value 0.00051
scoring_system epss
scoring_elements 0.16218
published_at 2026-04-02T12:55:00Z
2
value 0.00051
scoring_system epss
scoring_elements 0.16279
published_at 2026-04-04T12:55:00Z
3
value 0.00051
scoring_system epss
scoring_elements 0.16074
published_at 2026-04-07T12:55:00Z
4
value 0.00051
scoring_system epss
scoring_elements 0.16159
published_at 2026-04-08T12:55:00Z
5
value 0.00051
scoring_system epss
scoring_elements 0.16223
published_at 2026-04-09T12:55:00Z
6
value 0.00051
scoring_system epss
scoring_elements 0.16206
published_at 2026-04-11T12:55:00Z
7
value 0.00051
scoring_system epss
scoring_elements 0.16166
published_at 2026-04-12T12:55:00Z
8
value 0.00051
scoring_system epss
scoring_elements 0.16098
published_at 2026-04-13T12:55:00Z
9
value 0.00051
scoring_system epss
scoring_elements 0.16031
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12167
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1491612
reference_id 1491612
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1491612
fixed_packages
aliases CVE-2017-12167
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9u3r-n3zy-53f1
4
url VCID-9zut-79gt-1bgy
vulnerability_id VCID-9zut-79gt-1bgy
summary It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2017-1409.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-1409.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2670.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2670.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-2670
reference_id
reference_type
scores
0
value 0.05972
scoring_system epss
scoring_elements 0.90678
published_at 2026-04-16T12:55:00Z
1
value 0.05972
scoring_system epss
scoring_elements 0.90639
published_at 2026-04-07T12:55:00Z
2
value 0.05972
scoring_system epss
scoring_elements 0.9065
published_at 2026-04-08T12:55:00Z
3
value 0.05972
scoring_system epss
scoring_elements 0.90656
published_at 2026-04-09T12:55:00Z
4
value 0.05972
scoring_system epss
scoring_elements 0.90665
published_at 2026-04-12T12:55:00Z
5
value 0.05972
scoring_system epss
scoring_elements 0.90659
published_at 2026-04-13T12:55:00Z
6
value 0.05972
scoring_system epss
scoring_elements 0.90617
published_at 2026-04-01T12:55:00Z
7
value 0.05972
scoring_system epss
scoring_elements 0.90621
published_at 2026-04-02T12:55:00Z
8
value 0.05972
scoring_system epss
scoring_elements 0.90631
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-2670
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2670
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2670
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2666
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2666
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2670
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2670
6
reference_url https://github.com/advisories/GHSA-3x7h-5hfr-hvjm
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-3x7h-5hfr-hvjm
7
reference_url https://github.com/undertow-io/undertow/commit/9bfe9fbbb595d51157b61693f072895f7dbadd1d
reference_id
reference_type
scores
url https://github.com/undertow-io/undertow/commit/9bfe9fbbb595d51157b61693f072895f7dbadd1d
8
reference_url http://www.securityfocus.com/bid/98965
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/98965
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1438885
reference_id 1438885
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1438885
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864405
reference_id 864405
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864405
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-2670
reference_id CVE-2017-2670
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-2670
12
reference_url https://access.redhat.com/errata/RHSA-2017:1409
reference_id RHSA-2017:1409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1409
fixed_packages
aliases CVE-2017-2670, GHSA-3x7h-5hfr-hvjm
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9zut-79gt-1bgy
5
url VCID-ay2f-3xcv-dqdc
vulnerability_id VCID-ay2f-3xcv-dqdc
summary 
Improper Neutralization of CRLF Sequences in HTTP Headers
CRLF injection vulnerability in the Undertow web server allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1838.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1838.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-1839.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1839.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2016-1840.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1840.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2016-1841.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1841.html
4
reference_url https://access.redhat.com/errata/RHSA-2017:3454
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3454
5
reference_url https://access.redhat.com/errata/RHSA-2017:3455
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3455
6
reference_url https://access.redhat.com/errata/RHSA-2017:3456
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3456
7
reference_url https://access.redhat.com/errata/RHSA-2017:3458
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3458
8
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4993.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4993.json
9
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4993
reference_id
reference_type
scores
0
value 0.01476
scoring_system epss
scoring_elements 0.80999
published_at 2026-04-16T12:55:00Z
1
value 0.01476
scoring_system epss
scoring_elements 0.80904
published_at 2026-04-01T12:55:00Z
2
value 0.01476
scoring_system epss
scoring_elements 0.80913
published_at 2026-04-02T12:55:00Z
3
value 0.01476
scoring_system epss
scoring_elements 0.80935
published_at 2026-04-04T12:55:00Z
4
value 0.01476
scoring_system epss
scoring_elements 0.80932
published_at 2026-04-07T12:55:00Z
5
value 0.01476
scoring_system epss
scoring_elements 0.8096
published_at 2026-04-08T12:55:00Z
6
value 0.01476
scoring_system epss
scoring_elements 0.80967
published_at 2026-04-09T12:55:00Z
7
value 0.01476
scoring_system epss
scoring_elements 0.80984
published_at 2026-04-11T12:55:00Z
8
value 0.01476
scoring_system epss
scoring_elements 0.8097
published_at 2026-04-12T12:55:00Z
9
value 0.01476
scoring_system epss
scoring_elements 0.80962
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4993
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1344321
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1344321
11
reference_url https://github.com/undertow-io/undertow/commit/834496fb74ddda2af197940c70d08bab419fdf12
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/undertow-io/undertow/commit/834496fb74ddda2af197940c70d08bab419fdf12
12
reference_url https://issues.redhat.com/browse/UNDERTOW-827
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.redhat.com/browse/UNDERTOW-827
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-4993
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-4993
14
reference_url https://access.redhat.com/security/cve/CVE-2016-4993
reference_id CVE-2016-4993
reference_type
scores
url https://access.redhat.com/security/cve/CVE-2016-4993
15
reference_url https://github.com/advisories/GHSA-qcqr-hcjq-whfq
reference_id GHSA-qcqr-hcjq-whfq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qcqr-hcjq-whfq
16
reference_url https://access.redhat.com/errata/RHSA-2016:1838
reference_id RHSA-2016:1838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1838
17
reference_url https://access.redhat.com/errata/RHSA-2016:1839
reference_id RHSA-2016:1839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1839
18
reference_url https://access.redhat.com/errata/RHSA-2016:1840
reference_id RHSA-2016:1840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1840
19
reference_url https://access.redhat.com/errata/RHSA-2016:1841
reference_id RHSA-2016:1841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1841
fixed_packages
aliases CVE-2016-4993, GHSA-qcqr-hcjq-whfq
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ay2f-3xcv-dqdc
6
url VCID-e6qx-uhr4-kqb8
vulnerability_id VCID-e6qx-uhr4-kqb8
summary admin-cli: Potential EAP resource starvation DOS attack via GET requests for server log files
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2017-0170.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0170.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2017-0171.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0171.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2017-0172.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0172.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2017-0173.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0173.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2017-0244.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0244.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2017-0245.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0245.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2017-0246.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0246.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2017-0247.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0247.html
8
reference_url http://rhn.redhat.com/errata/RHSA-2017-0250.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0250.html
9
reference_url https://access.redhat.com/errata/RHSA-2017:3454
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3454
10
reference_url https://access.redhat.com/errata/RHSA-2017:3455
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3455
11
reference_url https://access.redhat.com/errata/RHSA-2017:3456
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3456
12
reference_url https://access.redhat.com/errata/RHSA-2017:3458
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3458
13
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8627.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8627.json
14
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-8627
reference_id
reference_type
scores
0
value 0.00801
scoring_system epss
scoring_elements 0.74027
published_at 2026-04-01T12:55:00Z
1
value 0.00801
scoring_system epss
scoring_elements 0.74114
published_at 2026-04-16T12:55:00Z
2
value 0.00801
scoring_system epss
scoring_elements 0.74101
published_at 2026-04-11T12:55:00Z
3
value 0.00801
scoring_system epss
scoring_elements 0.74083
published_at 2026-04-12T12:55:00Z
4
value 0.00801
scoring_system epss
scoring_elements 0.74076
published_at 2026-04-13T12:55:00Z
5
value 0.00801
scoring_system epss
scoring_elements 0.74034
published_at 2026-04-02T12:55:00Z
6
value 0.00801
scoring_system epss
scoring_elements 0.7406
published_at 2026-04-04T12:55:00Z
7
value 0.00801
scoring_system epss
scoring_elements 0.74031
published_at 2026-04-07T12:55:00Z
8
value 0.00801
scoring_system epss
scoring_elements 0.74064
published_at 2026-04-08T12:55:00Z
9
value 0.00801
scoring_system epss
scoring_elements 0.74079
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-8627
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8627
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8627
16
reference_url http://www.securityfocus.com/bid/95698
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95698
17
reference_url http://www.securitytracker.com/id/1037660
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037660
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1388240
reference_id 1388240
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1388240
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:keycloak:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:keycloak:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:keycloak:-:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-8627
reference_id CVE-2016-8627
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
2
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-8627
24
reference_url https://access.redhat.com/errata/RHSA-2017:0170
reference_id RHSA-2017:0170
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0170
25
reference_url https://access.redhat.com/errata/RHSA-2017:0171
reference_id RHSA-2017:0171
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0171
26
reference_url https://access.redhat.com/errata/RHSA-2017:0172
reference_id RHSA-2017:0172
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0172
27
reference_url https://access.redhat.com/errata/RHSA-2017:0173
reference_id RHSA-2017:0173
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0173
28
reference_url https://access.redhat.com/errata/RHSA-2017:0244
reference_id RHSA-2017:0244
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0244
29
reference_url https://access.redhat.com/errata/RHSA-2017:0245
reference_id RHSA-2017:0245
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0245
30
reference_url https://access.redhat.com/errata/RHSA-2017:0246
reference_id RHSA-2017:0246
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0246
31
reference_url https://access.redhat.com/errata/RHSA-2017:0247
reference_id RHSA-2017:0247
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0247
32
reference_url https://access.redhat.com/errata/RHSA-2017:0250
reference_id RHSA-2017:0250
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0250
fixed_packages
aliases CVE-2016-8627
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e6qx-uhr4-kqb8
7
url VCID-hexa-jm8k-y3hc
vulnerability_id VCID-hexa-jm8k-y3hc
summary jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2017-0244.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0244.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2017-0245.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0245.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2017-0246.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0246.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2017-0250.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0250.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2017-0831.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0831.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2017-0832.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0832.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2017-0834.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0834.html
7
reference_url https://access.redhat.com/errata/RHSA-2017:3454
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3454
8
reference_url https://access.redhat.com/errata/RHSA-2017:3455
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3455
9
reference_url https://access.redhat.com/errata/RHSA-2017:3458
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3458
10
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8656.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8656.json
11
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-8656
reference_id
reference_type
scores
0
value 0.00071
scoring_system epss
scoring_elements 0.21637
published_at 2026-04-01T12:55:00Z
1
value 0.00071
scoring_system epss
scoring_elements 0.21661
published_at 2026-04-16T12:55:00Z
2
value 0.00071
scoring_system epss
scoring_elements 0.21758
published_at 2026-04-11T12:55:00Z
3
value 0.00071
scoring_system epss
scoring_elements 0.21718
published_at 2026-04-12T12:55:00Z
4
value 0.00071
scoring_system epss
scoring_elements 0.21662
published_at 2026-04-13T12:55:00Z
5
value 0.00071
scoring_system epss
scoring_elements 0.21808
published_at 2026-04-02T12:55:00Z
6
value 0.00071
scoring_system epss
scoring_elements 0.21861
published_at 2026-04-04T12:55:00Z
7
value 0.00071
scoring_system epss
scoring_elements 0.21614
published_at 2026-04-07T12:55:00Z
8
value 0.00071
scoring_system epss
scoring_elements 0.2169
published_at 2026-04-08T12:55:00Z
9
value 0.00071
scoring_system epss
scoring_elements 0.21747
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-8656
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8656
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8656
13
reference_url http://www.securityfocus.com/bid/96035
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/96035
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1400344
reference_id 1400344
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1400344
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.0.0:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-8656
reference_id CVE-2016-8656
reference_type
scores
0
value 4.6
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:P/I:P/A:P
1
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-8656
21
reference_url https://access.redhat.com/errata/RHSA-2017:0244
reference_id RHSA-2017:0244
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0244
22
reference_url https://access.redhat.com/errata/RHSA-2017:0245
reference_id RHSA-2017:0245
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0245
23
reference_url https://access.redhat.com/errata/RHSA-2017:0246
reference_id RHSA-2017:0246
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0246
24
reference_url https://access.redhat.com/errata/RHSA-2017:0250
reference_id RHSA-2017:0250
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0250
25
reference_url https://access.redhat.com/errata/RHSA-2017:0831
reference_id RHSA-2017:0831
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0831
26
reference_url https://access.redhat.com/errata/RHSA-2017:0832
reference_id RHSA-2017:0832
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0832
27
reference_url https://access.redhat.com/errata/RHSA-2017:0834
reference_id RHSA-2017:0834
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0834
28
reference_url https://access.redhat.com/errata/RHSA-2018:1609
reference_id RHSA-2018:1609
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:1609
fixed_packages
aliases CVE-2016-8656
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hexa-jm8k-y3hc
8
url VCID-jtbq-4rr9-vud6
vulnerability_id VCID-jtbq-4rr9-vud6
summary wildfly: Arbitrary file read via path traversal
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2595.json
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2595.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-2595
reference_id
reference_type
scores
0
value 0.01106
scoring_system epss
scoring_elements 0.7804
published_at 2026-04-01T12:55:00Z
1
value 0.01106
scoring_system epss
scoring_elements 0.78048
published_at 2026-04-02T12:55:00Z
2
value 0.01106
scoring_system epss
scoring_elements 0.78077
published_at 2026-04-04T12:55:00Z
3
value 0.01106
scoring_system epss
scoring_elements 0.7806
published_at 2026-04-07T12:55:00Z
4
value 0.01106
scoring_system epss
scoring_elements 0.78086
published_at 2026-04-08T12:55:00Z
5
value 0.01106
scoring_system epss
scoring_elements 0.7809
published_at 2026-04-09T12:55:00Z
6
value 0.01106
scoring_system epss
scoring_elements 0.78117
published_at 2026-04-11T12:55:00Z
7
value 0.01106
scoring_system epss
scoring_elements 0.78099
published_at 2026-04-12T12:55:00Z
8
value 0.01106
scoring_system epss
scoring_elements 0.78095
published_at 2026-04-13T12:55:00Z
9
value 0.01106
scoring_system epss
scoring_elements 0.78131
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-2595
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1413028
reference_id 1413028
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1413028
3
reference_url https://access.redhat.com/errata/RHSA-2017:1409
reference_id RHSA-2017:1409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1409
4
reference_url https://access.redhat.com/errata/RHSA-2017:1551
reference_id RHSA-2017:1551
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1551
fixed_packages
aliases CVE-2017-2595
risk_score 3.5
exploitability 0.5
weighted_severity 6.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jtbq-4rr9-vud6
9
url VCID-pd7m-bhqf-kkge
vulnerability_id VCID-pd7m-bhqf-kkge
summary In Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue().
references
0
reference_url https://access.redhat.com/errata/RHSA-2017:2808
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:2808
1
reference_url https://access.redhat.com/errata/RHSA-2017:2809
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:2809
2
reference_url https://access.redhat.com/errata/RHSA-2017:2810
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:2810
3
reference_url https://access.redhat.com/errata/RHSA-2017:2811
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:2811
4
reference_url https://access.redhat.com/errata/RHSA-2017:3141
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3141
5
reference_url https://access.redhat.com/errata/RHSA-2017:3454
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3454
6
reference_url https://access.redhat.com/errata/RHSA-2017:3455
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3455
7
reference_url https://access.redhat.com/errata/RHSA-2017:3456
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3456
8
reference_url https://access.redhat.com/errata/RHSA-2017:3458
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3458
9
reference_url https://access.redhat.com/errata/RHSA-2018:2740
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2740
10
reference_url https://access.redhat.com/errata/RHSA-2018:2741
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2741
11
reference_url https://access.redhat.com/errata/RHSA-2018:2742
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2742
12
reference_url https://access.redhat.com/errata/RHSA-2018:2743
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2743
13
reference_url https://access.redhat.com/errata/RHSA-2018:2927
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2927
14
reference_url https://access.redhat.com/errata/RHSA-2018:3817
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3817
15
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7536.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7536.json
16
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7536
reference_id
reference_type
scores
0
value 0.00104
scoring_system epss
scoring_elements 0.28482
published_at 2026-04-04T12:55:00Z
1
value 0.00104
scoring_system epss
scoring_elements 0.2844
published_at 2026-04-02T12:55:00Z
2
value 0.00104
scoring_system epss
scoring_elements 0.28365
published_at 2026-04-01T12:55:00Z
3
value 0.00104
scoring_system epss
scoring_elements 0.28275
published_at 2026-04-07T12:55:00Z
4
value 0.00104
scoring_system epss
scoring_elements 0.28341
published_at 2026-04-08T12:55:00Z
5
value 0.00127
scoring_system epss
scoring_elements 0.31984
published_at 2026-04-13T12:55:00Z
6
value 0.00127
scoring_system epss
scoring_elements 0.32052
published_at 2026-04-09T12:55:00Z
7
value 0.00127
scoring_system epss
scoring_elements 0.32056
published_at 2026-04-11T12:55:00Z
8
value 0.00127
scoring_system epss
scoring_elements 0.32017
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7536
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1465573
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1465573
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7536
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7536
19
reference_url https://github.com/hibernate/hibernate-validator
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/hibernate/hibernate-validator
20
reference_url https://github.com/hibernate/hibernate-validator/commit/0778a5c98b817771a645c6f4ba0b28dd8b5437b
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/hibernate/hibernate-validator/commit/0778a5c98b817771a645c6f4ba0b28dd8b5437b
21
reference_url https://github.com/hibernate/hibernate-validator/commit/0886e89900d343ea20fde5137c9a3086e6da9ac
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/hibernate/hibernate-validator/commit/0886e89900d343ea20fde5137c9a3086e6da9ac
22
reference_url https://github.com/hibernate/hibernate-validator/commit/0ed45f37c4680998167179e631113a2c9cb5d11
reference_id
reference_type
scores
url https://github.com/hibernate/hibernate-validator/commit/0ed45f37c4680998167179e631113a2c9cb5d11
23
reference_url https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E
25
reference_url http://www.securityfocus.com/bid/101048
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/101048
26
reference_url http://www.securitytracker.com/id/1039744
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1039744
27
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885577
reference_id 885577
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885577
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:hibernate_validator:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:hibernate_validator:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:hibernate_validator:*:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:6.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:satellite:6.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:6.4:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite_capsule:6.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:satellite_capsule:6.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite_capsule:6.4:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7536
reference_id CVE-2017-7536
reference_type
scores
0
value 4.4
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:N/C:P/I:P/A:P
1
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-7536
41
reference_url https://github.com/advisories/GHSA-xxgp-pcfc-3vgc
reference_id GHSA-xxgp-pcfc-3vgc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xxgp-pcfc-3vgc
fixed_packages
aliases CVE-2017-7536, GHSA-xxgp-pcfc-3vgc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pd7m-bhqf-kkge
10
url VCID-tdj6-jjmb-tkav
vulnerability_id VCID-tdj6-jjmb-tkav
summary EAP7: Internal IP address disclosed on redirect when request header Host field is not set
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6311.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6311.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6311
reference_id
reference_type
scores
0
value 0.00679
scoring_system epss
scoring_elements 0.71516
published_at 2026-04-01T12:55:00Z
1
value 0.00679
scoring_system epss
scoring_elements 0.71523
published_at 2026-04-02T12:55:00Z
2
value 0.00679
scoring_system epss
scoring_elements 0.7154
published_at 2026-04-04T12:55:00Z
3
value 0.00679
scoring_system epss
scoring_elements 0.71513
published_at 2026-04-07T12:55:00Z
4
value 0.00679
scoring_system epss
scoring_elements 0.71553
published_at 2026-04-08T12:55:00Z
5
value 0.00679
scoring_system epss
scoring_elements 0.71565
published_at 2026-04-09T12:55:00Z
6
value 0.00679
scoring_system epss
scoring_elements 0.71588
published_at 2026-04-11T12:55:00Z
7
value 0.00679
scoring_system epss
scoring_elements 0.71572
published_at 2026-04-12T12:55:00Z
8
value 0.00679
scoring_system epss
scoring_elements 0.71554
published_at 2026-04-13T12:55:00Z
9
value 0.00679
scoring_system epss
scoring_elements 0.716
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6311
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1362735
reference_id 1362735
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1362735
fixed_packages
aliases CVE-2016-6311
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tdj6-jjmb-tkav
11
url VCID-tzmu-y1p4-8bac
vulnerability_id VCID-tzmu-y1p4-8bac
summary 
Uncontrolled Resource Consumption
Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily exploited to fill memory with garbage, up to "max-headers" (default 200) * "max-header-size" (default 1MB) per active TCP connection.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2017-0830.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2017-0830.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2017-0831.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2017-0831.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2017-0832.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2017-0832.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2017-0834.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2017-0834.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2017-0876.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2017-0876.html
5
reference_url https://access.redhat.com/errata/RHSA-2017:0872
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:0872
6
reference_url https://access.redhat.com/errata/RHSA-2017:0873
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:0873
7
reference_url https://access.redhat.com/errata/RHSA-2017:3454
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3454
8
reference_url https://access.redhat.com/errata/RHSA-2017:3455
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3455
9
reference_url https://access.redhat.com/errata/RHSA-2017:3456
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3456
10
reference_url https://access.redhat.com/errata/RHSA-2017:3458
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3458
11
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9589.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9589.json
12
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9589
reference_id
reference_type
scores
0
value 0.02193
scoring_system epss
scoring_elements 0.84417
published_at 2026-04-16T12:55:00Z
1
value 0.02193
scoring_system epss
scoring_elements 0.84324
published_at 2026-04-01T12:55:00Z
2
value 0.02193
scoring_system epss
scoring_elements 0.84338
published_at 2026-04-02T12:55:00Z
3
value 0.02193
scoring_system epss
scoring_elements 0.84359
published_at 2026-04-04T12:55:00Z
4
value 0.02193
scoring_system epss
scoring_elements 0.84361
published_at 2026-04-07T12:55:00Z
5
value 0.02193
scoring_system epss
scoring_elements 0.84383
published_at 2026-04-08T12:55:00Z
6
value 0.02193
scoring_system epss
scoring_elements 0.84388
published_at 2026-04-09T12:55:00Z
7
value 0.02193
scoring_system epss
scoring_elements 0.84405
published_at 2026-04-11T12:55:00Z
8
value 0.02193
scoring_system epss
scoring_elements 0.84399
published_at 2026-04-12T12:55:00Z
9
value 0.02193
scoring_system epss
scoring_elements 0.84395
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9589
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1404782
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1404782
14
reference_url https://github.com/wildfly/wildfly
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/wildfly/wildfly
15
reference_url https://web.archive.org/web/20200227180917/https://www.securityfocus.com/bid/97060
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227180917/https://www.securityfocus.com/bid/97060
16
reference_url https://web.archive.org/web/20200227180917/https://www.securityfocus.com/bid/97060/
reference_id
reference_type
scores
url https://web.archive.org/web/20200227180917/https://www.securityfocus.com/bid/97060/
17
reference_url http://www.securityfocus.com/bid/97060
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/97060
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9589
reference_id CVE-2016-9589
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9589
19
reference_url https://github.com/advisories/GHSA-p4xg-cpr9-vwvj
reference_id GHSA-p4xg-cpr9-vwvj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p4xg-cpr9-vwvj
20
reference_url https://access.redhat.com/errata/RHSA-2017:0830
reference_id RHSA-2017:0830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0830
21
reference_url https://access.redhat.com/errata/RHSA-2017:0831
reference_id RHSA-2017:0831
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0831
22
reference_url https://access.redhat.com/errata/RHSA-2017:0832
reference_id RHSA-2017:0832
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0832
23
reference_url https://access.redhat.com/errata/RHSA-2017:0834
reference_id RHSA-2017:0834
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0834
24
reference_url https://access.redhat.com/errata/RHSA-2017:0876
reference_id RHSA-2017:0876
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0876
fixed_packages
aliases CVE-2016-9589, GHSA-p4xg-cpr9-vwvj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tzmu-y1p4-8bac
12
url VCID-v84e-sf92-dqa1
vulnerability_id VCID-v84e-sf92-dqa1
summary A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.
references
0
reference_url https://access.redhat.com/errata/RHSA-2017:1834
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:1834
1
reference_url https://access.redhat.com/errata/RHSA-2017:1835
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:1835
2
reference_url https://access.redhat.com/errata/RHSA-2017:1836
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:1836
3
reference_url https://access.redhat.com/errata/RHSA-2017:1837
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:1837
4
reference_url https://access.redhat.com/errata/RHSA-2017:1839
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:1839
5
reference_url https://access.redhat.com/errata/RHSA-2017:1840
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:1840
6
reference_url https://access.redhat.com/errata/RHSA-2017:2477
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:2477
7
reference_url https://access.redhat.com/errata/RHSA-2017:2546
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:2546
8
reference_url https://access.redhat.com/errata/RHSA-2017:2547
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:2547
9
reference_url https://access.redhat.com/errata/RHSA-2017:2633
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:2633
10
reference_url https://access.redhat.com/errata/RHSA-2017:2635
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:2635
11
reference_url https://access.redhat.com/errata/RHSA-2017:2636
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:2636
12
reference_url https://access.redhat.com/errata/RHSA-2017:2637
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:2637
13
reference_url https://access.redhat.com/errata/RHSA-2017:2638
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:2638
14
reference_url https://access.redhat.com/errata/RHSA-2017:3141
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3141
15
reference_url https://access.redhat.com/errata/RHSA-2017:3454
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3454
16
reference_url https://access.redhat.com/errata/RHSA-2017:3455
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3455
17
reference_url https://access.redhat.com/errata/RHSA-2017:3456
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3456
18
reference_url https://access.redhat.com/errata/RHSA-2017:3458
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3458
19
reference_url https://access.redhat.com/errata/RHSA-2018:0294
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0294
20
reference_url https://access.redhat.com/errata/RHSA-2018:0342
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0342
21
reference_url https://access.redhat.com/errata/RHSA-2018:1449
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:1449
22
reference_url https://access.redhat.com/errata/RHSA-2018:1450
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:1450
23
reference_url https://access.redhat.com/errata/RHSA-2019:0910
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:0910
24
reference_url https://access.redhat.com/errata/RHSA-2019:2858
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2858
25
reference_url https://access.redhat.com/errata/RHSA-2019:3149
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3149
26
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7525.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7525.json
27
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7525
reference_id
reference_type
scores
0
value 0.79267
scoring_system epss
scoring_elements 0.99066
published_at 2026-04-04T12:55:00Z
1
value 0.79267
scoring_system epss
scoring_elements 0.99061
published_at 2026-04-02T12:55:00Z
2
value 0.79267
scoring_system epss
scoring_elements 0.99072
published_at 2026-04-16T12:55:00Z
3
value 0.79267
scoring_system epss
scoring_elements 0.99071
published_at 2026-04-13T12:55:00Z
4
value 0.79267
scoring_system epss
scoring_elements 0.9907
published_at 2026-04-09T12:55:00Z
5
value 0.79267
scoring_system epss
scoring_elements 0.99069
published_at 2026-04-11T12:55:00Z
6
value 0.79267
scoring_system epss
scoring_elements 0.99068
published_at 2026-04-07T12:55:00Z
7
value 0.79549
scoring_system epss
scoring_elements 0.99076
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7525
28
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1462702
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1462702
29
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7525
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7525
30
reference_url https://cwiki.apache.org/confluence/display/WW/S2-055
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://cwiki.apache.org/confluence/display/WW/S2-055
31
reference_url https://github.com/advisories/GHSA-qxxx-2pp7-5hmx
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-qxxx-2pp7-5hmx
32
reference_url https://github.com/FasterXML/jackson-databind
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind
33
reference_url https://github.com/FasterXML/jackson-databind/commit/3bfbb835e530055c1941ddf87fde0b08d08dcd38
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind/commit/3bfbb835e530055c1941ddf87fde0b08d08dcd38
34
reference_url https://github.com/FasterXML/jackson-databind/commit/60d459cedcf079c6106ae7da2ac562bc32dcabe1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind/commit/60d459cedcf079c6106ae7da2ac562bc32dcabe1
35
reference_url https://github.com/FasterXML/jackson-databind/commit/680d75b011edd67a2d2a2e9980998a968194c2ef
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind/commit/680d75b011edd67a2d2a2e9980998a968194c2ef
36
reference_url https://github.com/FasterXML/jackson-databind/commit/6ce32ffd18facac6abdbbf559c817b47fcb622c1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind/commit/6ce32ffd18facac6abdbbf559c817b47fcb622c1
37
reference_url https://github.com/FasterXML/jackson-databind/commit/90042692085deeb05ae75c569c9909f7dba24415
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind/commit/90042692085deeb05ae75c569c9909f7dba24415
38
reference_url https://github.com/FasterXML/jackson-databind/commit/ddfddfba6414adbecaff99684ef66eebd3a92e92
reference_id
reference_type
scores
url https://github.com/FasterXML/jackson-databind/commit/ddfddfba6414adbecaff99684ef66eebd3a92e92
39
reference_url https://github.com/FasterXML/jackson-databind/commit/e8f043d1aac9b82eee907e0f0c3abbdea723a935
reference_id
reference_type
scores
url https://github.com/FasterXML/jackson-databind/commit/e8f043d1aac9b82eee907e0f0c3abbdea723a935
40
reference_url https://github.com/FasterXML/jackson-databind/commit/fa87c1ddbe803ebb7295f5c2ebfe38e12f6e6162
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind/commit/fa87c1ddbe803ebb7295f5c2ebfe38e12f6e6162
41
reference_url https://github.com/FasterXML/jackson-databind/commit/fd8dec2c7fab8b4b4bd60502a0f1d63ec23c24da
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind/commit/fd8dec2c7fab8b4b4bd60502a0f1d63ec23c24da
42
reference_url https://github.com/FasterXML/jackson-databind/issues/1599
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind/issues/1599
43
reference_url https://github.com/FasterXML/jackson-databind/issues/1723
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FasterXML/jackson-databind/issues/1723
44
reference_url https://github.com/FasterXML/jackson-databind/issues/1737
reference_id
reference_type
scores
url https://github.com/FasterXML/jackson-databind/issues/1737
45
reference_url https://lists.apache.org/thread.html/3c87dc8bca99a2b3b4743713b33d1de05b1d6b761fdf316224e9c81f@%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/3c87dc8bca99a2b3b4743713b33d1de05b1d6b761fdf316224e9c81f@%3Cdev.lucene.apache.org%3E
46
reference_url https://lists.apache.org/thread.html/4641ed8616ccc2c1fbddac2c3dc9900c96387bc226eaf0232d61909b@%3Ccommits.cassandra.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/4641ed8616ccc2c1fbddac2c3dc9900c96387bc226eaf0232d61909b@%3Ccommits.cassandra.apache.org%3E
47
reference_url https://lists.apache.org/thread.html/5008bcbd45ee65ce39e4220b6ac53d28a24d6bc67d5804e9773a7399@%3Csolr-user.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/5008bcbd45ee65ce39e4220b6ac53d28a24d6bc67d5804e9773a7399@%3Csolr-user.lucene.apache.org%3E
48
reference_url https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E
49
reference_url https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E
50
reference_url https://lists.apache.org/thread.html/b1f33fe5ade396bb903fdcabe9f243f7692c7dfce5418d3743c2d346@%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b1f33fe5ade396bb903fdcabe9f243f7692c7dfce5418d3743c2d346@%3Cdev.lucene.apache.org%3E
51
reference_url https://lists.apache.org/thread.html/c10a2bf0fdc3d25faf17bd191d6ec46b29a353fa9c97bebd7c4e5913@%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c10a2bf0fdc3d25faf17bd191d6ec46b29a353fa9c97bebd7c4e5913@%3Cdev.lucene.apache.org%3E
52
reference_url https://lists.apache.org/thread.html/c2ed4c0126b43e324cf740012a0edd371fd36096fd777be7bfe7a2a6@%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c2ed4c0126b43e324cf740012a0edd371fd36096fd777be7bfe7a2a6@%3Cdev.lucene.apache.org%3E
53
reference_url https://lists.apache.org/thread.html/c9d5ff20929e8a3c8794facf4c4b326a9c10618812eec356caa20b87@%3Csolr-user.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c9d5ff20929e8a3c8794facf4c4b326a9c10618812eec356caa20b87@%3Csolr-user.lucene.apache.org%3E
54
reference_url https://lists.apache.org/thread.html/f095a791bda6c0595f691eddd0febb2d396987eec5cbd29120d8c629@%3Csolr-user.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/f095a791bda6c0595f691eddd0febb2d396987eec5cbd29120d8c629@%3Csolr-user.lucene.apache.org%3E
55
reference_url https://lists.apache.org/thread.html/f60afd3c7e9ebaaf70fad4a4beb75cf8740ac959017a31e7006c7486@%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/f60afd3c7e9ebaaf70fad4a4beb75cf8740ac959017a31e7006c7486@%3Cdev.lucene.apache.org%3E
56
reference_url https://lists.apache.org/thread.html/r42ac3e39e6265db12d9fc6ae1cd4b5fea7aed9830dc6f6d58228fed7@%3Ccommits.cassandra.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r42ac3e39e6265db12d9fc6ae1cd4b5fea7aed9830dc6f6d58228fed7@%3Ccommits.cassandra.apache.org%3E
57
reference_url https://lists.apache.org/thread.html/r68acf97f4526ba59a33cc6e592261ea4f85d890f99e79c82d57dd589@%3Cissues.spark.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r68acf97f4526ba59a33cc6e592261ea4f85d890f99e79c82d57dd589@%3Cissues.spark.apache.org%3E
58
reference_url https://lists.apache.org/thread.html/rf7f87810c38dc9abf9f93989f76008f504cbf7c1a355214640b2d04c@%3Ccommits.cassandra.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf7f87810c38dc9abf9f93989f76008f504cbf7c1a355214640b2d04c@%3Ccommits.cassandra.apache.org%3E
59
reference_url https://lists.debian.org/debian-lts-announce/2020/01/msg00037.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/01/msg00037.html
60
reference_url https://lists.debian.org/debian-lts-announce/2020/08/msg00039.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/08/msg00039.html
61
reference_url https://security.netapp.com/advisory/ntap-20171214-0002
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20171214-0002
62
reference_url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03902en_us
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03902en_us
63
reference_url https://www.debian.org/security/2017/dsa-4004
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2017/dsa-4004
64
reference_url https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true
reference_id
reference_type
scores
url https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true
65
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
66
reference_url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
67
reference_url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
68
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
69
reference_url http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
70
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
71
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
72
reference_url http://www.securityfocus.com/bid/99623
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/99623
73
reference_url http://www.securitytracker.com/id/1039744
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039744
74
reference_url http://www.securitytracker.com/id/1039947
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039947
75
reference_url http://www.securitytracker.com/id/1040360
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1040360
76
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870848
reference_id 870848
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870848
77
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7525
reference_id CVE-2017-7525
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-7525
78
reference_url https://usn.ubuntu.com/4741-1/
reference_id USN-4741-1
reference_type
scores
url https://usn.ubuntu.com/4741-1/
fixed_packages
aliases CVE-2017-7525, GHSA-qxxx-2pp7-5hmx
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v84e-sf92-dqa1
13
url VCID-wazp-5818-mqbw
vulnerability_id VCID-wazp-5818-mqbw
summary 
Deserialization of Untrusted Data
The getObject method of the javax.jms.ObjectMessage class in the (1) JMS Core client, (2) Artemis broker, and (3) Artemis REST component in Apache ActiveMQ Artemis before 1.4.0 might allow remote authenticated users with permission to send messages to the Artemis broker to deserialize arbitrary objects and execute arbitrary code by leveraging gadget classes being present on the Artemis classpath.
references
0
reference_url http://mail-archives.apache.org/mod_mbox/activemq-users/201609.mbox/%3CCAH6wpnqzeNtpykT7emtDU1-GV7AvjFP5-YroWcCC4UZyQEFvtA%40mail.gmail.com%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://mail-archives.apache.org/mod_mbox/activemq-users/201609.mbox/%3CCAH6wpnqzeNtpykT7emtDU1-GV7AvjFP5-YroWcCC4UZyQEFvtA%40mail.gmail.com%3E
1
reference_url https://access.redhat.com/errata/RHSA-2017:1834
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:1834
2
reference_url https://access.redhat.com/errata/RHSA-2017:1835
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:1835
3
reference_url https://access.redhat.com/errata/RHSA-2017:1836
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:1836
4
reference_url https://access.redhat.com/errata/RHSA-2017:1837
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:1837
5
reference_url https://access.redhat.com/errata/RHSA-2017:3454
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3454
6
reference_url https://access.redhat.com/errata/RHSA-2017:3455
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3455
7
reference_url https://access.redhat.com/errata/RHSA-2017:3456
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3456
8
reference_url https://access.redhat.com/errata/RHSA-2017:3458
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3458
9
reference_url https://access.redhat.com/errata/RHSA-2018:1447
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:1447
10
reference_url https://access.redhat.com/errata/RHSA-2018:1448
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:1448
11
reference_url https://access.redhat.com/errata/RHSA-2018:1449
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:1449
12
reference_url https://access.redhat.com/errata/RHSA-2018:1450
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:1450
13
reference_url https://access.redhat.com/errata/RHSA-2018:1451
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:1451
14
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4978.json
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4978.json
15
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4978
reference_id
reference_type
scores
0
value 0.01084
scoring_system epss
scoring_elements 0.77874
published_at 2026-04-13T12:55:00Z
1
value 0.01084
scoring_system epss
scoring_elements 0.7789
published_at 2026-04-11T12:55:00Z
2
value 0.01084
scoring_system epss
scoring_elements 0.77863
published_at 2026-04-09T12:55:00Z
3
value 0.01084
scoring_system epss
scoring_elements 0.77831
published_at 2026-04-07T12:55:00Z
4
value 0.01084
scoring_system epss
scoring_elements 0.77858
published_at 2026-04-08T12:55:00Z
5
value 0.01084
scoring_system epss
scoring_elements 0.77849
published_at 2026-04-04T12:55:00Z
6
value 0.01084
scoring_system epss
scoring_elements 0.77821
published_at 2026-04-02T12:55:00Z
7
value 0.01084
scoring_system epss
scoring_elements 0.7791
published_at 2026-04-16T12:55:00Z
8
value 0.01084
scoring_system epss
scoring_elements 0.77815
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4978
16
reference_url https://github.com/apache/activemq-artemis
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq-artemis
17
reference_url https://lists.apache.org/thread.html/7260bd0955c12aac5bd892039d3356ba3aa0ff4caaf2aa4fd4fe84a2@%3Cissues.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/7260bd0955c12aac5bd892039d3356ba3aa0ff4caaf2aa4fd4fe84a2@%3Cissues.activemq.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/7260bd0955c12aac5bd892039d3356ba3aa0ff4caaf2aa4fd4fe84a2%40%3Cissues.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/7260bd0955c12aac5bd892039d3356ba3aa0ff4caaf2aa4fd4fe84a2%40%3Cissues.activemq.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/d4ffbc6a43a915324a394b2913ceb7d07bc352f2d08caa19df0aff02@%3Cissues.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/d4ffbc6a43a915324a394b2913ceb7d07bc352f2d08caa19df0aff02@%3Cissues.activemq.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/d4ffbc6a43a915324a394b2913ceb7d07bc352f2d08caa19df0aff02%40%3Cissues.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/d4ffbc6a43a915324a394b2913ceb7d07bc352f2d08caa19df0aff02%40%3Cissues.activemq.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/rb2fd3bf2dce042e0ab3f3c94c4767c96bb2e7e6737624d63162df36d@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb2fd3bf2dce042e0ab3f3c94c4767c96bb2e7e6737624d63162df36d@%3Ccommits.activemq.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/rb2fd3bf2dce042e0ab3f3c94c4767c96bb2e7e6737624d63162df36d%40%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb2fd3bf2dce042e0ab3f3c94c4767c96bb2e7e6737624d63162df36d%40%3Ccommits.activemq.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/rc96ad63f148f784c84ea7f0a178c84a8985c6afccabbcd9847a82088@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc96ad63f148f784c84ea7f0a178c84a8985c6afccabbcd9847a82088@%3Ccommits.activemq.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/rc96ad63f148f784c84ea7f0a178c84a8985c6afccabbcd9847a82088%40%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc96ad63f148f784c84ea7f0a178c84a8985c6afccabbcd9847a82088%40%3Ccommits.activemq.apache.org%3E
25
reference_url https://web.archive.org/web/20210123172653/http://www.securityfocus.com/bid/93142
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123172653/http://www.securityfocus.com/bid/93142
26
reference_url https://www.blackhat.com/docs/us-16/materials/us-16-Kaiser-Pwning-Your-Java-Messaging-With-Deserialization-Vulnerabilities.pdf
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.blackhat.com/docs/us-16/materials/us-16-Kaiser-Pwning-Your-Java-Messaging-With-Deserialization-Vulnerabilities.pdf
27
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1379207
reference_id 1379207
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1379207
28
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-4978
reference_id CVE-2016-4978
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-4978
29
reference_url https://github.com/advisories/GHSA-r9vv-xj4w-g8m8
reference_id GHSA-r9vv-xj4w-g8m8
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r9vv-xj4w-g8m8
fixed_packages
aliases CVE-2016-4978, GHSA-r9vv-xj4w-g8m8
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wazp-5818-mqbw
14
url VCID-wpvb-dr22-bfde
vulnerability_id VCID-wpvb-dr22-bfde
summary EAP: Sensitive data can be exposed at the server level in domain mode
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7061.json
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7061.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-7061
reference_id
reference_type
scores
0
value 0.0056
scoring_system epss
scoring_elements 0.68217
published_at 2026-04-01T12:55:00Z
1
value 0.0056
scoring_system epss
scoring_elements 0.68238
published_at 2026-04-02T12:55:00Z
2
value 0.0056
scoring_system epss
scoring_elements 0.68257
published_at 2026-04-04T12:55:00Z
3
value 0.0056
scoring_system epss
scoring_elements 0.68233
published_at 2026-04-07T12:55:00Z
4
value 0.0056
scoring_system epss
scoring_elements 0.68284
published_at 2026-04-08T12:55:00Z
5
value 0.0056
scoring_system epss
scoring_elements 0.683
published_at 2026-04-09T12:55:00Z
6
value 0.0056
scoring_system epss
scoring_elements 0.68325
published_at 2026-04-11T12:55:00Z
7
value 0.0056
scoring_system epss
scoring_elements 0.68313
published_at 2026-04-12T12:55:00Z
8
value 0.0056
scoring_system epss
scoring_elements 0.68279
published_at 2026-04-13T12:55:00Z
9
value 0.0056
scoring_system epss
scoring_elements 0.68319
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-7061
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1380852
reference_id 1380852
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1380852
3
reference_url https://access.redhat.com/errata/RHSA-2017:0170
reference_id RHSA-2017:0170
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0170
4
reference_url https://access.redhat.com/errata/RHSA-2017:0171
reference_id RHSA-2017:0171
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0171
5
reference_url https://access.redhat.com/errata/RHSA-2017:0172
reference_id RHSA-2017:0172
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0172
6
reference_url https://access.redhat.com/errata/RHSA-2017:0173
reference_id RHSA-2017:0173
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0173
7
reference_url https://access.redhat.com/errata/RHSA-2017:0244
reference_id RHSA-2017:0244
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0244
8
reference_url https://access.redhat.com/errata/RHSA-2017:0245
reference_id RHSA-2017:0245
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0245
9
reference_url https://access.redhat.com/errata/RHSA-2017:0246
reference_id RHSA-2017:0246
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0246
10
reference_url https://access.redhat.com/errata/RHSA-2017:0247
reference_id RHSA-2017:0247
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0247
11
reference_url https://access.redhat.com/errata/RHSA-2017:0250
reference_id RHSA-2017:0250
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0250
fixed_packages
aliases CVE-2016-7061
risk_score 1.6
exploitability 0.5
weighted_severity 3.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wpvb-dr22-bfde
15
url VCID-y5s2-w88t-8uhx
vulnerability_id VCID-y5s2-w88t-8uhx
summary 
Uncontrolled Resource Consumption
Remote attackers could cause a denial of service (CPU and disk consumption) via a long URL.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7046.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7046.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-7046
reference_id
reference_type
scores
0
value 0.0406
scoring_system epss
scoring_elements 0.88542
published_at 2026-04-16T12:55:00Z
1
value 0.0406
scoring_system epss
scoring_elements 0.88528
published_at 2026-04-13T12:55:00Z
2
value 0.0406
scoring_system epss
scoring_elements 0.88536
published_at 2026-04-11T12:55:00Z
3
value 0.0406
scoring_system epss
scoring_elements 0.88524
published_at 2026-04-09T12:55:00Z
4
value 0.0406
scoring_system epss
scoring_elements 0.88481
published_at 2026-04-02T12:55:00Z
5
value 0.0406
scoring_system epss
scoring_elements 0.88519
published_at 2026-04-08T12:55:00Z
6
value 0.0406
scoring_system epss
scoring_elements 0.88501
published_at 2026-04-07T12:55:00Z
7
value 0.0406
scoring_system epss
scoring_elements 0.88498
published_at 2026-04-04T12:55:00Z
8
value 0.0406
scoring_system epss
scoring_elements 0.88473
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-7046
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1376646
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1376646
3
reference_url https://github.com/undertow-io/undertow
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/undertow-io/undertow
4
reference_url https://github.com/undertow-io/undertow/commit/c518b5a1784061d807efedcef0a03fcd35a53de2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/undertow-io/undertow/commit/c518b5a1784061d807efedcef0a03fcd35a53de2
5
reference_url https://issues.redhat.com/browse/UNDERTOW-835
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.redhat.com/browse/UNDERTOW-835
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-7046
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-7046
7
reference_url https://security-tracker.debian.org/tracker/CVE-2016-7046
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security-tracker.debian.org/tracker/CVE-2016-7046
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838600
reference_id 838600
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838600
9
reference_url https://access.redhat.com/security/cve/CVE-2016-7046
reference_id CVE-2016-7046
reference_type
scores
url https://access.redhat.com/security/cve/CVE-2016-7046
10
reference_url https://github.com/advisories/GHSA-3f57-w2rp-72fc
reference_id GHSA-3f57-w2rp-72fc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3f57-w2rp-72fc
11
reference_url https://access.redhat.com/errata/RHSA-2016:2640
reference_id RHSA-2016:2640
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2640
12
reference_url https://access.redhat.com/errata/RHSA-2016:2641
reference_id RHSA-2016:2641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2641
13
reference_url https://access.redhat.com/errata/RHSA-2016:2642
reference_id RHSA-2016:2642
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2642
14
reference_url https://access.redhat.com/errata/RHSA-2016:2657
reference_id RHSA-2016:2657
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2657
fixed_packages
aliases CVE-2016-7046, GHSA-3f57-w2rp-72fc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y5s2-w88t-8uhx
16
url VCID-ygp7-kj2w-syat
vulnerability_id VCID-ygp7-kj2w-syat
summary 
Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling)
It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12165.json
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12165.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12165
reference_id
reference_type
scores
0
value 0.01096
scoring_system epss
scoring_elements 0.78038
published_at 2026-04-16T12:55:00Z
1
value 0.01096
scoring_system epss
scoring_elements 0.78003
published_at 2026-04-13T12:55:00Z
2
value 0.01096
scoring_system epss
scoring_elements 0.78005
published_at 2026-04-12T12:55:00Z
3
value 0.01096
scoring_system epss
scoring_elements 0.78022
published_at 2026-04-11T12:55:00Z
4
value 0.01096
scoring_system epss
scoring_elements 0.77995
published_at 2026-04-09T12:55:00Z
5
value 0.01096
scoring_system epss
scoring_elements 0.7799
published_at 2026-04-08T12:55:00Z
6
value 0.01096
scoring_system epss
scoring_elements 0.77982
published_at 2026-04-04T12:55:00Z
7
value 0.01096
scoring_system epss
scoring_elements 0.77963
published_at 2026-04-07T12:55:00Z
8
value 0.01096
scoring_system epss
scoring_elements 0.77953
published_at 2026-04-02T12:55:00Z
9
value 0.01096
scoring_system epss
scoring_elements 0.77946
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12165
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12165
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12165
3
reference_url https://github.com/undertow-io/undertow
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/undertow-io/undertow
4
reference_url https://github.com/undertow-io/undertow/commit/1e72647818c9fb31b693a953b1ae595a6c82eb7f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/undertow-io/undertow/commit/1e72647818c9fb31b693a953b1ae595a6c82eb7f
5
reference_url https://github.com/undertow-io/undertow/commit/5b008b7ac312c6cdb76679ff58c43620bb79d44f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/undertow-io/undertow/commit/5b008b7ac312c6cdb76679ff58c43620bb79d44f
6
reference_url https://github.com/undertow-io/undertow/commit/691440ee58259fba76711b60d56dde6679808bdc
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/undertow-io/undertow/commit/691440ee58259fba76711b60d56dde6679808bdc
7
reference_url https://issues.redhat.com/browse/UNDERTOW-1251
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.redhat.com/browse/UNDERTOW-1251
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1490301
reference_id 1490301
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1490301
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885338
reference_id 885338
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885338
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-12165
reference_id CVE-2017-12165
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-12165
11
reference_url https://github.com/advisories/GHSA-5gg7-5wv8-4gcj
reference_id GHSA-5gg7-5wv8-4gcj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5gg7-5wv8-4gcj
fixed_packages
aliases CVE-2017-12165, GHSA-5gg7-5wv8-4gcj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ygp7-kj2w-syat
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jul-to-slf4j-stub@1.0.1-6.Final_redhat_3.1.ep7%3Farch=el7